1. Field of the Invention
The present invention relates to a quantum cryptography communication system and to a quantum cryptography key distributing method employed in this communication system.
2. Description of the Related Art
Very recently, in conjunction with the widespread use of the Internet and the like, data are encrypted in order to prevent eavesdropping or electrical interception. However, even when data are encrypted using cryptographic techniques, the encrypted data could eventually be decrypted if enough time is spent on decryption. As a consequence, quantum cryptography has been proposed as a physically secure communication method. Quantum cryptography is not the cryptography based on a numerical sequence that is in general use at present, but cryptography whose security is physically guaranteed by the principles of quantum mechanics.
In conventional cryptographic communication, strong light, namely a large number of photons, is sent out so that the encrypted data reliably reach the reception side, since encryption is carried out using the numerical sequence.
In contrast, in quantum cryptography over optical communication, only one photon is used, and the physical characteristics of that photon carry the data. In other words, one bit of data indicating either “0” or “1” is transmitted by using a single photon in quantum cryptography.
The structure of a conventional cryptographic communication system is shown in FIG. 1. In the conventional quantum cryptography communicating operation, a base station 5 and another base station 6 generate a shared key in accordance with a quantum cryptography protocol in quantum cryptography communication units 51 and 61 (701 of FIG. 1). The quantum cryptography protocol is described in, for instance, “An Autocompensating Fiber-Optic Quantum Cryptography System Based on Polarization Splitting of Light” by Donald S. Bethune and William P. Risk (IEEE Journal of Quantum Electronics, Volume 36, No. 3, March 2000, pages 340 to 347). It should be understood that the quantum cryptography communication unit 51 is connected to the quantum cryptography communication unit 61 by an optical fiber 700.
Next, a data transceiver unit 52 of the base station 5 encrypts a plain text (namely, text which has not yet been encrypted) by using this generated shared key to obtain a Vernam cryptograph 702, and then transmits the Vernam cryptograph 702 to the base station 6. A data transceiver unit 62 of the base station 6 decrypts the Vernam cryptograph 702 by using the shared key to obtain the original plain text. It should be noted that the data transceiver unit 52 is connected to the data transceiver unit 62 via a data transfer path 703 which is constructed of a public network, the Internet, or the like.
In this conventional quantum cryptography communication, a Vernam cryptography system using a one-time pad is used as the system for encrypting a plain text with the shared key. In a Vernam cryptography system, the encryption is carried out by applying a logical calculation to the plain text bit by bit using a random number key, and the cryptograph is then decrypted by using the same random number key.
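The Vernam step described above can be sketched as follows. This is an added example, not part of the original document: it assumes the "logical calculation" is bitwise XOR (the standard Vernam operation), uses `secrets.token_bytes` as a stand-in for the shared key produced by units 51 and 61, and the `KeyPool` helper is hypothetical. It also shows the two failure modes a one-time pad must guard against: running out of key, and reusing key bytes.

```python
import secrets


class KeyPool:
    """Shared key material held by one base station (hypothetical helper)."""

    def __init__(self, key: bytes):
        self._key = key
        self._offset = 0  # index of the first unused key byte

    def remaining(self) -> int:
        return len(self._key) - self._offset

    def take(self, n: int) -> bytes:
        # One-time pad rule: every key byte is used once, then never again.
        if n > self.remaining():
            raise ValueError("not enough unused key; generate more shared key")
        chunk = self._key[self._offset:self._offset + n]
        self._offset += n
        return chunk


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def vernam(pool: KeyPool, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR with fresh key bytes is its own inverse."""
    return xor_bytes(data, pool.take(len(data)))


def demo() -> dict:
    shared = secrets.token_bytes(32)  # stands in for the key from unit 51/61
    station5, station6 = KeyPool(shared), KeyPool(shared)
    p1, p2 = b"meet at gate 7", b"hold position!"  # constructed plaintexts
    c1 = vernam(station5, p1)
    c2 = vernam(station5, p2)
    recovered = [vernam(station6, c1), vernam(station6, c2)]
    # Failure mode: reusing one pad for two messages cancels the key.
    pad = shared[:len(p1)]
    leak = xor_bytes(xor_bytes(p1, pad), xor_bytes(p2, pad))
    try:
        vernam(station5, b"x" * 8)  # only 4 unused key bytes remain
        exhausted = False
    except ValueError:
        exhausted = True
    return {"recovered": recovered, "leak": leak,
            "leak_is_p1_xor_p2": leak == xor_bytes(p1, p2),
            "exhausted": exhausted, "left": station5.remaining()}
```

Because each plain-text byte consumes one key byte, the rate at which the two stations can generate shared key bounds how much traffic they can protect this way.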
In the conventional quantum cryptography communication system, the quantum cryptography communication protocol uses very weak light in which the average number of photons per bit is less than one. Therefore, the distance between base stations where a shared key is generated is restricted to within about 100 km. The communication by way of a Vernam cryptograph itself is similar to a normal optical communicating operation or other communicating operations, and its communication distance is not specifically limited. However, since the distance between the base stations where the shared key required for encryption and decryption is generated is restricted to within approximately 100 km, the distance between the base stations between which the cryptography communication can be carried out is also limited to the above-mentioned distance. In other words, in the conventional quantum cryptography communication system using the shared key, the distance between the base stations is restricted to approximately 100 km or shorter, and the shared key cannot be distributed to a remote place farther than 100 km.
In conjunction with the above description, a cryptography key distributing system is disclosed in Japanese Laid Open Patent Application (JP-P2001-77803A). The cryptography key distributing system of this conventional example is provided with three or more cryptography key managing units to store secret data. A transmission side unit as one of the cryptography key managing units contains a storage section to store the secret data for the cryptography key managing units, an encrypting section to encrypt the secret data and a transmitting section to transmit the encrypted secret data. A reception side unit as one of the cryptography key managing units contains a receiving section to receive the encrypted secret data, a decrypting section to decrypt the encrypted secret data, and a generating section to generate a common key between the reception side unit and each of the cryptography key managing units based on the secret data obtained through the decryption and the secret data stored in the reception side unit.
Also, a cryptography key distributing system is disclosed in Japanese Laid Open Patent Application (JP-P2002-118545A). In the cryptography key distributing system of this conventional example, a transmission signal is amplified at a plurality of stages while a relation between the transmission signal and noise is kept to meet a predetermined intersect measuring reference, to allow a long distance transmission of a cryptography key. Thus, the cryptography key is distributed by utilizing noise during transmission or reception.
Also, a method of multicast communication is disclosed in Japanese Laid Open Patent Application (JP-P2002-124940A). In this conventional example, a transmitting section transmits secret data about encryption to a key management server and transmits data about the encryption to a router 21 and the subsequent routers. When key request data is encrypted and transmitted, the routers sequentially add inherent data and transmit it to a receiving section. The receiving section transfers the key request data to the key management server and receives decryption keys which are different for every route. The transmitting section carries out a calculation $y^{a_0}$ on data m to be delivered by using a predetermined value y, each router carries out a calculation $y^{a_k}$ by using the inherent value $a_k$, and a remainder of q is calculated. Thus, the calculation result is transmitted as a cryptograph. The receiving section decodes the data encrypted by the routers by using the decryption key K. Thus, a plain text is obtained through a single decryption.
Also, a contents delivery system is disclosed in Japanese Laid Open Patent Application (JP-P2003-179597A). In this conventional example, the contents delivery server acquires an encrypt key corresponding to a set of a contents ID and a server ID of a relay server from a cryptography key database when delivering to a client terminal. Then, the contents delivery server encrypts contents by using the encrypt key and delivers the encrypted contents to the client terminal via the relay server. The client terminal transmits a ticket request to the contents ID and the server ID, and a ticket server acquires a decrypt key corresponding to the set of the contents ID and the server ID from the cryptography key database, and transmits a ticket containing the decrypt key to the client terminal. The client terminal decrypts the encrypted contents by using the decrypt key.